Vulnerability Development mailing list archives
RE: Clicktilluwin DLDER Trojan
From: "Michael Watson" <mmwatson () peoplepc com>
Date: Mon, 31 Dec 2001 14:32:31 -0500
hey. i had the latest kazaa installed on my computer and it gave me that dlder trojan. also, for some time, when kazaa was starting when window booted, in the upper left corner on my screen was a small gray box that wouldn't respond to anything. after i stopped kazaa.exe in my system processes, it went away. also, that dlder.exe was a pain in the ass to get rid of. something weird is going on. maybe the limeware and kazaa people got hacked and someone is having a little fun, or maybe they are intentionally doing this for some reason. isn't there some kind of legal way for this to be stopped? id sue for all the crap i had to go thru just to get everything working again. im using w2k also. -----Original Message----- From: jon () kirkbrideonline com [mailto:jon () kirkbrideonline com] Sent: Monday, December 31, 2001 10:04 AM To: vuln-dev () securityfocus com Subject: Clicktilluwin DLDER Trojan In-Reply-To: <20011230032402.5229.qmail () mail securityfocus com> I found this vulnerability in the latest Limewire 2.0.2 gnutella client download. This crap gets installed whether you like it or not. On my WinXP machine, it was running a new service called bargains.exe that was located in c:\program files\bargain buddy. The dlder.exe file resides in C:\windows. I deleted the files before I looked at their content but there appeard to be some DB type files in the folder. Norton's latests pattern files (12/29) will detect the dlder.exe file but there's no info on their website about it yet. Anyone have a handle on what this thing is doing?
Current thread:
- Clicktilluwin DLDER Trojan jon (Dec 31)
- RE: Clicktilluwin DLDER Trojan Michael Watson (Dec 31)
- Re: Clicktilluwin DLDER Trojan Jonas M Luster (Dec 31)
- Re: Clicktilluwin DLDER Trojan mezzanine (Dec 31)
- RE: Clicktilluwin DLDER Trojan Michael Watson (Dec 31)